OpenAuth_server/src/api/admin/permission.ts

import { Request, Router } from "express";
import { GetUserMiddleware } from "../middlewares/user";
import RequestError, { HttpStatusCode } from "../../helper/request_error";
import promiseMiddleware from "../../helper/promiseMiddleware";
import Permission from "../../models/permissions";
import verify, { Types } from "../middlewares/verify";
import Client from "../../models/client";
import { ObjectID } from "bson";

const PermissionRoute: Router = Router();
PermissionRoute.route("/")
   /**
    * @api {get} /admin/permission
    * @apiName AdminGetPermissions
    *
    * @apiParam client Optionally filter by client _id
    *
    * @apiGroup admin_permission
    * @apiPermission admin
    *
    * @apiSuccess {Object[]} permissions
    * @apiSuccess {String} permissions._id The ID
    * @apiSuccess {String} permissions.name Permission name
    * @apiSuccess {String} permissions.description A description, that makes it clear to the user, what this Permission allows to do
    * @apiSuccess {String} permissions.client The ID of the owning client
    */
   .get(
      promiseMiddleware(async (req, res) => {
         let query = {};
         if (req.query.client) {
            query = { client: new ObjectID(req.query.client) };
         }
         let permissions = await Permission.find(query);
         res.json(permissions);
      })
   )
   /**
    * @api {post} /admin/permission
    * @apiName AdminAddPermission
    *
    * @apiParam client The ID of the owning client
    * @apiParam name Permission name
    * @apiParam description A description, that makes it clear to the user, what this Permission allows to do
    *
    * @apiGroup admin_permission
    * @apiPermission admin
    *
    * @apiSuccess {Object[]} permissions
    * @apiSuccess {String} permissions._id The ID
    * @apiSuccess {String} permissions.name Permission name
    * @apiSuccess {String} permissions.description A description, that makes it clear to the user, what this Permission allows to do
    * @apiSuccess {String} permissions.client The ID of the owning client
    * @apiSuccess {String} permissions.grant_type The type of the permission. "user" | "client" granted
    */
   .post(
      verify(
         {
            client: {
               type: Types.STRING,
            },
            name: {
               type: Types.STRING,
            },
            description: {
               type: Types.STRING,
            },
            type: {
               type: Types.ENUM,
               values: ["user", "client"],
            },
         },
         true
      ),
      promiseMiddleware(async (req, res) => {
         let client = await Client.findById(req.body.client);
         if (!client) {
            throw new RequestError(
               "Client not found",
               HttpStatusCode.BAD_REQUEST
            );
         }
         let permission = Permission.new({
            description: req.body.description,
            name: req.body.name,
            client: client._id,
            grant_type: req.body.type,
         });
         await Permission.save(permission);
         res.json(permission);
      })
   )
   /**
    * @api {delete} /admin/permission
    * @apiName AdminDeletePermission
    *
    * @apiParam id The permission ID
    *
    * @apiGroup admin_permission
    * @apiPermission admin
    *
    * @apiSuccess {Boolean} success
    */
   .delete(
      promiseMiddleware(async (req, res) => {
         let { id } = req.query;
         await Permission.delete(id);
         res.json({ success: true });
      })
   );

export default PermissionRoute;
First version of OpenAuth remake 2018-11-06 19:48:50 +00:00			`import { Request, Router } from "express";`
			`import { GetUserMiddleware } from "../middlewares/user";`
			`import RequestError, { HttpStatusCode } from "../../helper/request_error";`
			`import promiseMiddleware from "../../helper/promiseMiddleware";`
			`import Permission from "../../models/permissions";`
			`import verify, { Types } from "../middlewares/verify";`
			`import Client from "../../models/client";`
Adding permission mangement to admin panel 2018-11-09 15:44:03 +00:00			`import { ObjectID } from "bson";`
First version of OpenAuth remake 2018-11-06 19:48:50 +00:00
			`const PermissionRoute: Router = Router();`
			`PermissionRoute.route("/")`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`/**`
			`* @api {get} /admin/permission`
			`* @apiName AdminGetPermissions`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiParam client Optionally filter by client _id`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiGroup admin_permission`
			`* @apiPermission admin`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiSuccess {Object[]} permissions`
			`* @apiSuccess {String} permissions._id The ID`
			`* @apiSuccess {String} permissions.name Permission name`
			`* @apiSuccess {String} permissions.description A description, that makes it clear to the user, what this Permission allows to do`
			`* @apiSuccess {String} permissions.client The ID of the owning client`
			`*/`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`.get(`
			`promiseMiddleware(async (req, res) => {`
			`let query = {};`
			`if (req.query.client) {`
			`query = { client: new ObjectID(req.query.client) };`
			`}`
			`let permissions = await Permission.find(query);`
			`res.json(permissions);`
			`})`
			`)`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`/**`
			`* @api {post} /admin/permission`
			`* @apiName AdminAddPermission`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiParam client The ID of the owning client`
			`* @apiParam name Permission name`
			`* @apiParam description A description, that makes it clear to the user, what this Permission allows to do`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiGroup admin_permission`
			`* @apiPermission admin`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiSuccess {Object[]} permissions`
			`* @apiSuccess {String} permissions._id The ID`
			`* @apiSuccess {String} permissions.name Permission name`
			`* @apiSuccess {String} permissions.description A description, that makes it clear to the user, what this Permission allows to do`
			`* @apiSuccess {String} permissions.client The ID of the owning client`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`* @apiSuccess {String} permissions.grant_type The type of the permission. "user" \| "client" granted`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`*/`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`.post(`
			`verify(`
			`{`
			`client: {`
Running prettier 2020-08-07 14:16:39 +00:00			`type: Types.STRING,`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`},`
			`name: {`
Running prettier 2020-08-07 14:16:39 +00:00			`type: Types.STRING,`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`},`
			`description: {`
Running prettier 2020-08-07 14:16:39 +00:00			`type: Types.STRING,`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`},`
			`type: {`
			`type: Types.ENUM,`
Running prettier 2020-08-07 14:16:39 +00:00			`values: ["user", "client"],`
			`},`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`},`
			`true`
			`),`
			`promiseMiddleware(async (req, res) => {`
			`let client = await Client.findById(req.body.client);`
			`if (!client) {`
			`throw new RequestError(`
			`"Client not found",`
			`HttpStatusCode.BAD_REQUEST`
			`);`
			`}`
			`let permission = Permission.new({`
			`description: req.body.description,`
			`name: req.body.name,`
			`client: client._id,`
Running prettier 2020-08-07 14:16:39 +00:00			`grant_type: req.body.type,`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`});`
			`await Permission.save(permission);`
			`res.json(permission);`
			`})`
			`)`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`/**`
			`* @api {delete} /admin/permission`
			`* @apiName AdminDeletePermission`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiParam id The permission ID`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiGroup admin_permission`
			`* @apiPermission admin`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`*`
Adding Basic API Documentation 2019-03-14 22:10:39 +00:00			`* @apiSuccess {Boolean} success`
			`*/`
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`.delete(`
			`promiseMiddleware(async (req, res) => {`
			`let { id } = req.query;`
			`await Permission.delete(id);`
			`res.json({ success: true });`
			`})`
			`);`
First version of OpenAuth remake 2018-11-06 19:48:50 +00:00
Adding API and adjusting admin view 2020-03-18 13:41:22 +00:00			`export default PermissionRoute;`